Since Yahoo and AOL have moved to a DMARC policy of reject, mail
senders are changing the way they are sending their emails. Instead of
using the email address of an user in RFC5322.From they use their own
address and put the address of the user in the Reply-To field.
FREEMAIL_FORGED_REPLYTO fires on these emails and produce false
positives.
From examples taken from log lines of amavisd:
From: GIVENNAME_SURNAME_via_LinkedIn_<mem...@linkedin.com>
(dkim:AUTHOR)
From: NAME_via_Dropbox_<no-re...@dropbox.com> (dkim:AUTHOR)
Since more and more such emails will occur, for example all web forms
will send their emails in this way, the rule does not make sense
anymore.
--
Michael
